kubestriker v1.2 releases: Blazing fast Security Auditing tool for Kubernetes
kubestriker
kubestriker performs numerous in-depth checks on Kubernetes infrastructure to identify the security misconfigurations and challenges that DevOps engineers and developers are likely to encounter when using Kubernetes, especially in production and at scale.
kubestriker is platform agnostic and works equally well across self-hosted Kubernetes, Amazon EKS, Azure AKS, Google GKE, and other platforms.
Current Capabilities
- Scans Self Managed and cloud provider managed Kubernetes infra
- Reconnaissance phase checks for various services or open ports
- Performs automated scans in case insecure, read-write, or read-only services are enabled
- Performs both authenticated scans and unauthenticated scans
- Scans for a wide range of IAM Misconfigurations in the cluster
- Scans for a wide range of Misconfigured containers
- Scans for a wide range of Misconfigured Pod Security Policies
- Scans for a wide range of Misconfigured Network policies
- Scans the privileges of a subject in the cluster
- Runs commands on the containers and streams back the output
- Provides the endpoints of the misconfigured services
- Provides possible privilege escalation details
- Elaborate report with detailed explanations
Types of Scans
Authenticated scans
An authenticated scan expects the user to have at least read-only privileges and to provide a token during the scan. Please use the links below to create read-only users:
Create a read-only user for Amazon eks
Create a read-only user for Azure aks
Create a read-only user for Google gke
Create a subject using Role-based access control
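The following manifest is an added example of the read-only subject described above; it is not part of the kubestriker project. It assumes a ServiceAccount named kubestriker-scan in an existing namespace security-audit, and grants only the get/list/watch verbs the scan needs, so the token handed to the scanner cannot modify the cluster.

```yaml
# Added example (not part of the kubestriker project): a least-privilege
# read-only subject for authenticated scans. The names "kubestriker-scan" and
# "security-audit" are assumptions; the namespace is assumed to already exist.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kubestriker-scan
  namespace: security-audit
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: kubestriker-readonly
rules:
  # Core objects the IAM, container and network-policy checks need to read.
  - apiGroups: [""]
    resources: ["pods", "services", "namespaces", "nodes", "serviceaccounts", "endpoints"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["rbac.authorization.k8s.io"]
    resources: ["roles", "rolebindings", "clusterroles", "clusterrolebindings"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["networking.k8s.io"]
    resources: ["networkpolicies"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["policy"]               # PodSecurityPolicy exists only before Kubernetes 1.25
    resources: ["podsecuritypolicies"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["apps"]
    resources: ["deployments", "daemonsets", "statefulsets", "replicasets"]
    verbs: ["get", "list", "watch"]
  # Deliberately absent: "secrets" (read-only is not the same as harmless) and
  # "pods/exec", which is only needed if you use the run-commands feature.
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kubestriker-readonly
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kubestriker-readonly
subjects:
  - kind: ServiceAccount
    name: kubestriker-scan
    namespace: security-audit
```

Mint a token for the scan with `kubectl create token kubestriker-scan -n security-audit` (Kubernetes 1.24 and later) and pass it to the authenticated scan. Before running, confirm the scope really is read-only with `kubectl auth can-i --list --as=system:serviceaccount:security-audit:kubestriker-scan`.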
Unauthenticated scans
The unauthenticated scan will succeed in case anonymous access is permitted on the target cluster. It covers:
Identifying an open insecure port on the Kubernetes master node
Identifying a worker node with the kubelet read-write and read-only ports open
Changelog v1.2
Fixes
- Documentation: Updated the Documentation to reflect new Changes
Features
- CI/CD Integration: A new version of the container image that can be used in CI/CD tools
- Web Application Version: A new web application version of kubestriker has been launched
Install & Use
Copyright [2020] [vasant kumar chinnipilli]